General

  • Target

    word.zip

  • Size

    49.5MB

  • MD5

    2065356a29de858b29e54be9111caa38

  • SHA1

    5c6416f041e2a2ed47056200d76a6f1f5eecebc6

  • SHA256

    db782aed8ef4fab6299d2d08ca2f695762535847a1e6e77b117fc2c7eb36da33

  • SHA512

    51333037e48943ca48fa7f73eb1949955901e672a478c60ee64e8dc674777ae9f15ef23e390a2b8aa0e3abc84ae67e08754894c07410c250a616a95119f2c502

  • SSDEEP

    1572864:1coUN9zmk+jAi/99i7wR4X/E6Fsv8THJtnUh:1cjg/ri44X/JFS8THJlUh

Score
10/10

Signatures

  • Detect Lumma Stealer payload V2 (1 IoC)
  • Lumma family
  • Unsigned PE (5 IoCs)

    Checks for missing Authenticode signature.

Files

  • word.zip
    .zip
  • ar.ini
  • bg.ini
  • bin/ALL_base.dat
  • bin/BG.lng
  • bin/CA.lng
  • bin/CS.lng
  • bin/Config.dat
  • bin/DA.lng
  • bin/DE.lng
  • bin/EN.lng
  • bin/ES.lng
  • bin/ET.lng
  • bin/FN.lng
  • bin/FR.lng
  • bin/HR.lng
  • bin/HU.lng
  • bin/ICRDGT_base.dat
  • bin/ID.lng
  • bin/IT.lng
  • bin/LT.lng
  • bin/LV.lng
  • bin/NB.lng
  • bin/NL.lng
  • bin/NSOCR.dll
    .dll regsvr32 windows:6 windows x86 arch:x86

    ee7e9ae3ef629e19b12dcd9b44187e75


  • bin/NsBars.dll
    .dll windows:6 windows x86 arch:x86

    7fba1798ccc2e1b3f68b4a089a51ae01


  • bin/NsImgLdr.dll
    .dll windows:6 windows x86 arch:x86

    abaf983d68f2a272929e27030410d98d


  • bin/NsSpell.dll
    .dll windows:6 windows x86 arch:x86

    8053a7d12c214bceeb2cb723a962bce0


  • bin/PL.lng
  • bin/PT.lng
  • bin/RO.lng
  • bin/RU.lng
  • bin/SK.lng
  • bin/SL.lng
  • bin/SV.lng
  • bin/TR.lng
  • bin/Twaindsm.dll
    .dll windows:5 windows x86 arch:x86

    bf4602f11b8e8bdeb01899d2a942ed66


    Code Sign

  • bin/gray.icc
  • bin/jnsocr.dll
    .dll windows:5 windows x86 arch:x86

    a1fddcfa0d53e9bdced4474042d654bd


  • bin/pdf_font.ttf
  • bin/rgb.icc
  • bin/sd.dat
  • br.ini
  • bugreport.txt
  • cz.ini
  • de.ini
  • en.ini
  • es.ini
  • fr.ini
  • gr.ini
  • hu.ini
  • iframe/rolloutfile.tv0.0.tv
  • iframe/rolloutfile.tv0.1.tv
  • iframe/rolloutfile.tv0.2.tv
  • iframe/rolloutfile.tv1.1.tv
  • iframe/rolloutfile.tv1.2.tv
  • iframe/rolloutfile.tv1.3.tv
  • iframe/rolloutfile.tv10.0.tv
  • iframe/rolloutfile.tv10.1.tv
  • iframe/rolloutfile.tv11.0.tv
  • iframe/rolloutfile.tv11.1.tv
  • iframe/rolloutfile.tv12.0.tv
  • iframe/rolloutfile.tv12.1.tv
  • iframe/rolloutfile.tv13.0.tv
  • iframe/rolloutfile.tv13.1.tv
  • iframe/rolloutfile.tv14.0.tv
  • iframe/rolloutfile.tv14.1.tv
  • iframe/rolloutfile.tv15.0.tv
  • iframe/rolloutfile.tv15.1.tv
  • iframe/rolloutfile.tv16.0.tv
  • iframe/rolloutfile.tv16.1.tv
  • iframe/rolloutfile.tv17.0.tv
  • iframe/rolloutfile.tv17.1.tv
  • iframe/rolloutfile.tv18.0.tv
  • iframe/rolloutfile.tv18.1.tv
  • iframe/rolloutfile.tv19.0.tv
  • iframe/rolloutfile.tv19.1.tv
  • iframe/rolloutfile.tv2.1.tv
  • iframe/rolloutfile.tv2.2.tv
  • iframe/rolloutfile.tv2.3.tv
  • iframe/rolloutfile.tv2.4.tv
  • iframe/rolloutfile.tv2.5.tv
  • iframe/rolloutfile.tv2.6.tv
  • iframe/rolloutfile.tv20.0.tv
  • iframe/rolloutfile.tv20.1.tv
  • iframe/rolloutfile.tv21.0.tv
  • iframe/rolloutfile.tv21.1.tv
  • iframe/rolloutfile.tv22.0.tv
  • iframe/rolloutfile.tv22.1.tv
  • iframe/rolloutfile.tv23.0.tv
  • iframe/rolloutfile.tv23.1.tv
  • iframe/rolloutfile.tv24.0.tv
  • iframe/rolloutfile.tv24.1.tv
  • iframe/rolloutfile.tv25.0.tv
  • iframe/rolloutfile.tv25.1.tv
  • iframe/rolloutfile.tv26.0.tv
  • iframe/rolloutfile.tv26.1.tv
  • iframe/rolloutfile.tv27.0.tv
  • iframe/rolloutfile.tv27.1.tv
  • iframe/rolloutfile.tv28.0.tv
  • iframe/rolloutfile.tv28.1.tv
  • iframe/rolloutfile.tv29.0.tv
  • iframe/rolloutfile.tv29.1.tv
  • iframe/rolloutfile.tv3.0.tv
  • iframe/rolloutfile.tv3.1.tv
  • iframe/rolloutfile.tv3.2.tv
  • iframe/rolloutfile.tv30.0.tv
  • iframe/rolloutfile.tv30.1.tv
  • iframe/rolloutfile.tv31.0.tv
  • iframe/rolloutfile.tv31.1.tv
  • iframe/rolloutfile.tv32.0.tv
  • iframe/rolloutfile.tv32.1.tv
  • iframe/rolloutfile.tv33.0.tv
  • iframe/rolloutfile.tv33.1.tv
  • iframe/rolloutfile.tv34.0.tv
  • iframe/rolloutfile.tv34.1.tv
  • iframe/rolloutfile.tv35.0.tv
  • iframe/rolloutfile.tv35.1.tv
  • iframe/rolloutfile.tv36.0.tv
  • iframe/rolloutfile.tv36.1.tv
  • iframe/rolloutfile.tv37.0.tv
  • iframe/rolloutfile.tv37.1.tv
  • iframe/rolloutfile.tv38.0.tv
  • iframe/rolloutfile.tv38.1.tv
  • iframe/rolloutfile.tv39.0.tv
  • iframe/rolloutfile.tv39.1.tv
  • iframe/rolloutfile.tv4.0.tv
  • iframe/rolloutfile.tv4.1.tv
  • iframe/rolloutfile.tv40.0.tv
  • iframe/rolloutfile.tv40.1.tv
  • iframe/rolloutfile.tv41.0.tv
  • iframe/rolloutfile.tv41.1.tv
  • iframe/rolloutfile.tv42.0.tv
  • iframe/rolloutfile.tv42.1.tv
  • iframe/rolloutfile.tv43.0.tv
  • iframe/rolloutfile.tv43.1.tv
  • iframe/rolloutfile.tv44.0.tv
  • iframe/rolloutfile.tv44.1.tv
  • iframe/rolloutfile.tv45.0.tv
  • iframe/rolloutfile.tv45.1.tv
  • iframe/rolloutfile.tv5.0.tv
  • iframe/rolloutfile.tv5.1.tv
  • iframe/rolloutfile.tv6.0.tv
  • iframe/rolloutfile.tv6.1.tv
  • iframe/rolloutfile.tv7.0.tv
  • iframe/rolloutfile.tv7.1.tv
  • iframe/rolloutfile.tv7.2.tv
  • iframe/rolloutfile.tv7.3.tv
  • iframe/rolloutfile.tv7.4.tv
  • iframe/rolloutfile.tv8.0.tv
  • iframe/rolloutfile.tv8.1.tv
  • iframe/rolloutfile.tv9.0.tv
  • iframe/rolloutfile.tv9.1.tv
  • it.ini
  • ko.ini
  • pagy.picpay
  • ru.ini
  • se.ini
  • tr.ini
  • word-Visualizador.exe
    .exe windows:5 windows x86 arch:x86

    82194d62560148a188204923283639d7


    Code Sign
